2 matches found
CVE-2017-16205
The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation...
CVE-2017-16205
CVE-2017-16205 relates to the coffescript npm package, described as malware that exfiltrates sensitive data (notably a user’s private SSH key and bash history) to attacker-controlled locations during installation. The companion advisories consistently warn that all versions have been unpublished ...